apache error log -> server uit, herstart gaat moeilijk [Archief]

Bekijk Volledige Versie : apache error log -> server uit, herstart gaat moeilijk

Jiny

12/10/06, 13:14

Hallo,

Ik heb momenteel met mijn server het volgende probleem:

S'nachts valt de server ineens uit en is hij moeilijk opnieuw op te starten, na een paar pogingen lukt dit echter wel.. Kan iemand mij vertellen wat het probleem kan zijn? In de apache error log staat het volgende:

[Thu Oct 12 00:10:01 2006] [notice] SIGHUP received. Attempting to restart
[Thu Oct 12 00:10:02 2006] [notice] Apache/1.3.34 (Unix) mod_ssl/2.8.25 OpenSSL/0.9.7a PHP/4.4.0 mod_perl/1.29 FrontPage/5.0.2.2510 configured -- resuming normal operations
[Thu Oct 12 00:10:02 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Oct 12 00:10:02 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Thu Oct 12 00:11:00 2006] [notice] caught SIGTERM, shutting down
[Thu Oct 12 00:11:01 2006] [notice] Apache/1.3.34 (Unix) mod_ssl/2.8.25 OpenSSL/0.9.7a PHP/4.4.0 mod_perl/1.29 FrontPage/5.0.2.2510 configured -- resuming normal operations
[Thu Oct 12 00:11:01 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Oct 12 00:11:01 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Thu Oct 12 04:00:13 2006] [error] [client IPADRES] File does not exist: /var/www/html/removelimitation/img/email_logo.gif
[Thu Oct 12 04:00:13 2006] [error] [client IPADRES] File does not exist: /var/www/html/removelimitation/img/pixel.gif
[Thu Oct 12 04:00:14 2006] [error] [client IPADRES] File does not exist: /var/www/html/removelimitation/img/bg_clk.gif
[Thu Oct 12 04:19:33 2006] [error] [client IPADRES] Invalid method in request \\x04\\x01
[Thu Oct 12 13:49:29 2006] [notice] Apache/1.3.34 (Unix) mod_ssl/2.8.25 OpenSSL/0.9.7a PHP/4.4.0 mod_perl/1.29 FrontPage/5.0.2.2510 configured -- resuming normal operations
[Thu Oct 12 13:49:29 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Thu Oct 12 13:49:29 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)

Alvast bedankt.

Intention

12/10/06, 16:45

[Thu Oct 12 00:11:00 2006] [notice] caught SIGTERM, shutting down

Dat is je oorzaak natuurlijk.
Ik gok dat er iets niet helemaal lekker aangeroepen wordt.

Is het altijd op 1 tijdstip?
Dan zou je naar de cronjobs kunnen kijken.

Is het willekeurig?
Dan eens de scriptjes controleren die op je server draaien.

Jiny

13/10/06, 00:21

Ik heb maar even gewacht tot het moment dat hij de melding gaf,

Dinsdag avond en woensdag avond geeft hij hetzelfde weer in de logfiles, om precies dezelfde tijd.

Vandaag geeft hij echter:

[Thu Oct 12 23:55:32 2006] [error] [client IP] File does not exist: /var/www/html/removelimitation/index.php
[Thu Oct 12 23:58:50 2006] [error] [client IP] File does not exist: /var/www/html/removelimitation/index.php
[Fri Oct 13 00:02:10 2006] [error] [client IP] File does not exist: /var/www/html/removelimitation/index.php
[Fri Oct 13 00:05:25 2006] [error] [client IP] File does not exist: /var/www/html/removelimitation/index.php
[Fri Oct 13 00:08:39 2006] [error] [client IP] File does not exist: /var/www/html/removelimitation/index.php
[Fri Oct 13 00:09:02 2006] [notice] caught SIGTERM, shutting down
[Fri Oct 13 00:09:03 2006] [notice] Apache/1.3.34 (Unix) mod_ssl/2.8.25 OpenSSL/0.9.7a PHP/4.4.0 mod_perl/1.29 FrontPage/5.0.2.2510 configured -- resuming normal operations
[Fri Oct 13 00:09:03 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Oct 13 00:09:03 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Fri Oct 13 00:10:01 2006] [notice] SIGHUP received. Attempting to restart
[Fri Oct 13 00:10:01 2006] [notice] Apache/1.3.34 (Unix) mod_ssl/2.8.25 OpenSSL/0.9.7a PHP/4.4.0 mod_perl/1.29 FrontPage/5.0.2.2510 configured -- resuming normal operations
[Fri Oct 13 00:10:01 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Oct 13 00:10:01 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)
[Fri Oct 13 00:11:00 2006] [notice] caught SIGTERM, shutting down
[Fri Oct 13 00:11:00 2006] [notice] Apache/1.3.34 (Unix) mod_ssl/2.8.25 OpenSSL/0.9.7a PHP/4.4.0 mod_perl/1.29 FrontPage/5.0.2.2510 configured -- resuming normal operations
[Fri Oct 13 00:11:00 2006] [notice] suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Fri Oct 13 00:11:00 2006] [notice] Accept mutex: sysvsem (Default: sysvsem)

In de cronlogs staat het volgende:

Oct 13 00:02:00 2ns CROND[17796]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:03:00 2ns CROND[17801]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:04:00 2ns CROND[17822]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:05:00 2ns CROND[17846]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:06:00 2ns CROND[17869]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:07:00 2ns CROND[17883]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:08:00 2ns CROND[17897]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:09:00 2ns CROND[17973]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:10:00 2ns CROND[18089]: (root) CMD (echo 'action=tally&value=all' >> /usr/local/directadmin/data/task.queue)
Oct 13 00:10:00 2ns CROND[18091]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:10:00 2ns CROND[18093]: (root) CMD (/usr/local/sbin/bfd -q)
Oct 13 00:11:00 2ns CROND[18715]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:11:59 2ns CROND[18756]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:13:00 2ns CROND[18763]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:14:00 2ns CROND[18782]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:15:00 2ns CROND[18786]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:16:00 2ns CROND[18788]: (root) CMD (/usr/local/directadmin/dataskq)
Oct 13 00:17:00 2ns CROND[18834]: (root) CMD (/usr/local/directadmin/dataskq)

209.147.127.222 <- dit is het ip adres dat elke dag de volgende map op wil halen:

/var/www/html/removelimitation/

en waarschijnlijk worden er nog meer mappen geprobeerd.

Ik ga het ip adres in elk geval dus maar blokkeren.

Google zegt overigens dat dat ip adres van een beveiligingsbedrijfs is?